<?php

//print_r($_POST);
 
// username and password sent from form 


$name = $_POST['name'];
$password = $_POST['password'];
$real_name = $_POST['real_name'];
$email = $_POST['email'];
$phone_number = $_POST['phone_number'];
$work_address = $_POST['work_address'];
$authority = $_POST['authority'];
if(!isset($_POST['name'])){
	header("location:../index.php?page=manage_users&stat=error&error=missing");
}

if($authority=='pick'){
	$pick=$_POST['pick'];
	$position=array();
	$authority=implode(",", $pick);
	foreach($pick as $auth){
		$pos="";
		if(is_numeric($auth)){
			$pos=getOrganizationType($auth);
		}elseif($auth=='all'){
			$pos="d";
		}elseif($auth=='accounting'){
			$pos="a";
		}elseif($auth=='management'){
			$pos="m";
		}else{
		
		}
		
		if (!in_array($pos, $position)&&$pos!=""){
			array_push($position,$pos);
		}
	}
	$position=implode(",", $position);
}else{
	$authority="";
	$position="";
}


$sql= "INSERT INTO  `backoffice`.`user` (
		`id` ,
		`name` ,
		`real_name` ,
		`password` ,
		`authority` ,
		`online` ,
		`session` ,
		`email` ,
		`phone_number` ,
		`work_address` ,
		`position`
		)
		VALUES (
		NULL ,  '$name',  '$real_name',  '1111',  '$authority',  '',  '',  '$email',  '$phone_number',  '$work_address','$position'
		)";
				
		if(mysql_query($sql)){
			header("location:../index.php?page=manage_users&stat=added");
		}else{
			header("location:../index.php?page=manage_users&stat=error&error=add");
		}
		    	
		


?>